Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Identities Correlation Infrastructure for Passive Network Monitoring

a technology of identity correlation and network address, applied in the field of network monitoring, to achieve the effect of enhancing the policy languag

Active Publication Date: 2008-05-08
MUSARUBRA US LLC
View PDF8 Cites 195 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0027]The invention thus provides an identity-enabled policy monitoring system. A policy language is enhanced with the ability to write policy about users, authenticated computers and user or computer groups. The network monitor uses the IAM's distributed replication service to cause the current mapping from IP address to identity to be on hand at all times. The policy language uses this mapping to apply policy.

Problems solved by technology

However, such known schemes only provide logon information.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Identities Correlation Infrastructure for Passive Network Monitoring
  • Identities Correlation Infrastructure for Passive Network Monitoring
  • Identities Correlation Infrastructure for Passive Network Monitoring

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

Glossary of Terms

[0041]The following terms, used herein, have the associated definition given in the table below.

TABLE 1Glossary of TermsTermDefinitionActive Directory (AD)[AD] Network directory and network authentication schemefrom Microsoft ®, Inc., comprising both a Domain Controllercomponent, responsible for authenticating domain users, anda repository of information about network entities such asusers, groups, resources and machines (computers andprinters), as well as the access rights granted to these entities(policy). The active directory implements one or moreDomains, into which computers and users authenticate. Theactive directory is accessed as a network directory using theLDAP [LDAP] protocol.Addressable network objectStudio object comprising, directly or indirectly, an IP addressspace. Examples are computer hosts, subnets, networkinterfaces and the top-level network objects (Intranet,Extranet, etc.) as defined in [PDSTUDIO].Authenticated computersA computer which has aut...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

User names and user groups serve as the basis of a formal policy in a network. A passive monitor examines network traffic in near real time and indicates: which network traffic is flowing on the network as before; which users or user groups were logged into workstations initiating this network traffic; and which of this traffic conforms to the formal policy definition. In one embodiment of the invention, users and user groups are determined by querying Microsoft® Active Directory and Microsoft® Windows servers, to determine who is logged onto the Microsoft® network. Other sources of identity information are also possible. The identity information is then correlated with the network traffic, so that even traffic that does not bear on the Microsoft® networking scheme is still tagged with identity

Description

CROSS-REFERENCE TO RELATED APPLICATIONS[0001]This application claims priority to U.S. Patent Application Ser. No. 60 / 864,925 filed 8 Nov. 2006.NOTE WITH REGARD TO REFERENCES[0002]Throughout this application, various documents are referenced in parentheses, e.g. [REF], which references correspond to documents which are identified by the citations set forth in “Table 3. References.” These references are not considered necessary to understand or practice the invention disclosed herein and are only included as a convenient mechanism for providing background information that may be of interest to the reader.BACKGROUND OF THE INVENTION[0003]1. Technical Field[0004]The invention relates to network monitoring. More particularly, the invention relates to the collection, distribution, and correlation of user identities with network addresses for use in connection with passive monitoring of network traffic pursuant to a corporate policy.[0005]2. Description of the Prior Art[0006]As the Interne...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/00
CPCH04L63/1425G06F21/552
Inventor SHERLOCK, KIERAN GERARDCOOPER, GEOFFREY HOWARDGUZIK, JOHN RICHARDPEARCY, DEREK PATTONVALENTE, LUIS FILIPE PEREIRA
Owner MUSARUBRA US LLC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products